[86921] in North American Network Operators' Group
Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security)
daemon@ATHENA.MIT.EDU (Randy Bush)
Tue Nov 22 15:25:51 2005
From: Randy Bush <randy@psg.com>
Date: Tue, 22 Nov 2005 10:25:10 -1000
To: Sandy Murphy <sandy@tislabs.com>
Cc: nanog@nanog.org
Errors-To: owner-nanog@merit.edu
> I believe a web of trust can be operationally feasible only if the web
> is more like a forest - if there are several well known examples of
> "tops" to the web. Otherwise, you have to be storing a plethora of
> different signers' certificates to be able to validate all the
> institution's certificates that come in.
you need those certs to verify the live data anyway
randy
